1. GitHub - douniwan5788/zte_modem_tools: tools for zte modem Download this and set it up it's a godsend tool. (You may need to change/remove the dependency version in the requirements.txt if you're using Python 3.11 or newer like me)
2. Run the command
Now it'll enable telnet and show this output:
The username and password it gives you, save it. However it changes every time you run this command so idk if it deletes any old telnet session/credentials, more investigation is needed.
3. (Tbh I don't think this works given the error at step 5 in the output below) To unlock serial you type:
It gives me this output:
Firmware version: Factory V7.1.10P3N5
This is something I found only by scrounging the internet for tips across different videos, scripts, forum posts, etc. I hope by writing it here it could consolidate the cool tricks for people who want to unlock their stuff and get proper access. I'll try to investigate more
Recently I was trying to get UART shell on my old ZTE F602W but I somehow fried the unit. Then I had it replaced with a new unit, ZXHN F660. naturally I wanted to hack it so I tried looking for tips but all the tricks were just spread too far across the internet and t was very hard to find legitimate/working tricks. ZTE F601 This site is good for tricks
If you have an external router you need to only set it as the DMZ host on the ONT follow the below instructions. This lets u port forward by setting configuration on the external router
broadband.forum
2. Run the command
python3 zte_factroymode.py --user admin --pass <Your modem's mac address here> --ip 192.168.1.1 --port 80 telnet open Now we ENABLED TELNETNow it'll enable telnet and show this output:
Code:
$ .venv/bin/python3 ./zte_factroymode.py -u admin -p <Your modem's mac address here> --port 80 telnet open
trying user:"admin" pass:"<ont mac address>"
reset facTelnetSteps:
reset OK!
facStep 1:
OK!
facStep 2:
OK!
facStep 3:
OK!
facStep 4:
OK!
facStep 5:
OK!
b'FactoryModeAuth.gch?user=abkaI7jW&pass=j8so0jDo\x00'
doneThe username and password it gives you, save it. However it changes every time you run this command so idk if it deletes any old telnet session/credentials, more investigation is needed.
3. (Tbh I don't think this works given the error at step 5 in the output below) To unlock serial you type:
.venv/bin/python3 ./zte_factroymode.py -u admin -p <ont mac address> --port 80 serial openIt gives me this output:
Code:
$ .venv/bin/python3 ./zte_factroymode.py -u admin -p <ont mac address> --port 80 serial open
trying user:"admin" pass:"<ont mac address>"
reset facTelnetSteps:
reset OK!
facStep 1:
OK!
facStep 2:
OK!
facStep 3:
OK!
facStep 4:
OK!
facStep 5:
('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
doneFirmware version: Factory V7.1.10P3N5
This is something I found only by scrounging the internet for tips across different videos, scripts, forum posts, etc. I hope by writing it here it could consolidate the cool tricks for people who want to unlock their stuff and get proper access. I'll try to investigate more
Recently I was trying to get UART shell on my old ZTE F602W but I somehow fried the unit. Then I had it replaced with a new unit, ZXHN F660. naturally I wanted to hack it so I tried looking for tips but all the tricks were just spread too far across the internet and t was very hard to find legitimate/working tricks. ZTE F601 This site is good for tricks
If you have an external router you need to only set it as the DMZ host on the ONT follow the below instructions. This lets u port forward by setting configuration on the external router
Any way to port forward on a Hathway modem + TP Link router setup?
I figured it out. Unencumbered port forward succesfully achieved on dynamic Hathway IPv4 with no need for PPPoE password (this was Hathway@123 for me, for anyone interested anyway) Bridge Mode (I tried this method Reddit - Dive into anything, but it didn't work for me. It just seemed to down...
broadband.forum
Last edited:
